The Inquirer-Home

PHP users are warned of a bug

Don't install the 5.3.7 update
Tue Aug 23 2011, 14:36

USERS OF the web scripting language PHP have been warned not to download the latest version after the discovery of faulty components that could pose a security risk.

According to The INQUIRER's sister IT news web site V3.co.uk, the PHP Group has warned against installing the 5.3.7 update and recommends waiting for PHP 5.3.8 later this week. The security organisation Sans Institute is also advising users to hold off on updating PHP.

This is because the 5.3.7 update contains a faulty encryption component that is unable to properly encrypt data. The flaw prevents the full encryption and proper handling of MD5 encoded data. It is considered serious enough to warrant bypassing the 5.3.7 release.

The PHP 5.3.7 build was released on 18 August, containing 90 bug fixes and performance enhancements as well as at least six security updates. The update was the largest for PHP since the March 2011 release of version 5.3.6. µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Microsoft's Windows 10 Preview has permission to watch your every move

Does Microsoft have the right to keylog users of its Windows 10 Technical Preview?